On Fri, 21 Mar 2025 00:55:24 +0530 Krishay Rathaure <krishayrathaurei...@gmail.com> wrote:
> Dear Mentors, > > I hope this email finds you well. > > My name is Krishay Rathaure, and I'm a B.Tech student at the Indian > Institute of Technology Indore, India. I've two years of experience in C > programming, network security, and CLI development, including leading a CTF > team and collaborating on multiple projects at national hackathons. Given > my passion for distributed file systems and open-source software, I am > excited about the afsio: Add Mount Point and ACL Creation Support project > for GSoC. > > I have been exploring the OpenAFS repository and reviewing afsio’s > functionality, and I’m eager to contribute by extending these commands and > refining my proposal based on your guidance. Hello Krishay, Thank you for your interest in OpenAFS. > To ensure my proposal aligns with the project’s needs, I would appreciate > clarification on a few points: > > 1. What is the best practice for enabling authenticated access in afsio? > Should I integrate existing mechanisms (such as "aklog" with system calls) > or consider alternative approaches? A general solution will be quite challenging. Currently, authenticated access requires the kernel module since tokens are stored in the kernel. The afsio runs without the kernel, so the tokens are not present. See the code in src/auth/authcon.c for more details. It could be possible to construct a token from the user's kerberos ticket (as is done by aklog) in userspace and use that for the Rx security class. A first step may be to just support a "-localauth" option, like is already present in other commands. This would only be useful for limited scenarios. The user would be required to run afsio on a machine that has the service keys and would need to have permissions to read the keys, e.g. running as root on a fileserver. But even this could be useful for setting up a new cell before a cache manager is ready. > 2. How is mount point creation expected to interact with AFS volumes? > Are there specific system calls or libraries you prefer for this > functionality? afsio is based on our library called libafscp. I expect that library would need to be extended. Mount points are actually symlinks with a special target syntax. > 3. Are there any areas in the current afsio interface that need > immediate improvement or could benefit from a redesign? I think that would be out of scope for this 12 week project, it will be challenging enough. > 4. What testing methods do you recommend for different system > configurations (e.g., containers or VMs)? I think you'll want to have at least one virtual machine with the unchanged cache manager (with the kernel module running) to test and check. Normally you'll want to setup a test cell on one or more virtual machines. This can be done manually or with Ansible, for example. > I would love to hear your thoughts on these focus areas and any recommended > initial contributions before the application period. Please let me know if > you have any questions for me. > > Thank you for your time. I look forward to your response and suggestions. > > Best regards, > Krishay Rathaure > Linkedin <https://www.linkedin.com/in/krishay-rathaure/> > +91-9810309960 Thanks Krishay. -- Michael Meffie <mmef...@sinenomine.net> _______________________________________________ OpenAFS-devel mailing list OpenAFS-devel@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-devel
